<?php

	// remove player from a roster
	session_start();

	require_once '../db/db.php';

	$error = false;

	if(isset($_POST['remove_player']) && $_POST['remove_player'] == true) {

		// validate and sanitize
		if(filter_var($_POST['id'], FILTER_VALIDATE_INT)) {

			$id = filter_var($_POST['id'], FILTER_SANITIZE_NUMBER_INT);

		}else{

			$message[] = '<p class="error">Cannot validate player.</p>';
			$error = true;

		}

		if(filter_var($_POST['roster'], FILTER_VALIDATE_INT)) {

			$roster = filter_var($_POST['roster'], FILTER_SANITIZE_NUMBER_INT);

		}else{

			$message[] = '<p class="error">Cannot validate roster.</p>';
			$error = true;

		}

		// remove player from roster
		try {

			$db->beginTransaction();
			$db->exec("DELETE FROM rosters_players WHERE player_id = " . $id . " AND roster_id = " . $roster);
			$db->commit();
			$message[] = '<p class="success">Successfully removed player from roster.</p>';			
		
		} catch(PDOException $e) {

			$db->rollBack();
			$message[] = '<p class="error">Failed to remove player from roster</p>';
			$message[] = '<p class="notice">' . $e->getMessage() . '</p>';
			$error = true;

		}

	}

	if(isset($message)) foreach($message as $m) print $m;

?>